Thursday, November 21, 2024
MacNews

Jamf Threat Labs report shows new malware variants affecting macOS

MalwareA Jamf Threat Labs report shows new malware variants affecting macOS.

Jamf Threat Labs has released a report revealing APT actors from the DPRK have been embedding malware within Flutter applications. This marks the first time Jamf has seen attackers use this tactic to go after macOS devices. 

Flutter is a framework developed by Google that simplifies app design for developers who are designing an app that they want to look consistent across macOS, iOS and Android. The benefit for attackers? Flutter-built applications provide a large amount of obscurity to the code. 

Jamf also discovered two other malware variants: a Golang variant (which was previously signed and notarized by Apple, then had its signature revoked) and a Python variant built with the Py2App. The blog post reveals technical details on the packaging and execution of all three variants and a warning from Jamf that actors are likely testing a new way to weaponize malware on a large scale.

Dennis Sellers
the authorDennis Sellers
Dennis Sellers is the editor/publisher of Apple World Today. He’s been an “Apple journalist” since 1995 (starting with the first big Apple news site, MacCentral). He loves to read, run, play sports, and watch movies.